Cybercriminals Take Aim at Small Businesses

As larger enterprises have stepped up IT security spending and compliance efforts, cyberfiends increasingly are shifting their sights to small- and medium-sized businesses.

“Like many other criminals, cybercriminals tend to go for the low-hanging fruit,” said Tori Case, vice president of product management at CyberPatrol. “The larger enterprises know what they need to do to protect themselves. The opportunity for criminals there aren’t as easy as they once were, so they’re shifting their sights downwards to smaller businesses.”

And there are more small businesses for them to target given the current economy, she added. “More and more people are unemployed, and more and more people are starting up their own businesses.”

However, such individuals don’t necessarily have the security expertise and knowledge to keep cybercriminals at bay, nor can they afford to have an IT department help them out. After all, it’s not uncommon for these companies to start up in people’s homes or garages.

Moreover, to keep costs down, small business owners may choose to use the family computer instead of going out and buying a computer dedicated to work alone. While this initially might seem like a thrifty measure, it may prove costly in the long run.

“Because the line in these start-ups is blurry between home and work, you run into some increased risks with the business,” Case said.

“[If] the business is being worked on from a couple of people’s homes, they may not be looking at pornography sites, but maybe someone else in the house is,” she said. “[Even if] they aren’t looking up porn, they may get e-mails from porn sites, open it up unsuspectingly and get infected.”

Further, “without the right protection in place, you can, without your knowledge, have your computer hijacked to be part of a botnet and be involved in scamming people,” Case said.

A good first step to prevent such occurrences is to make sure you have the right security software in place. These include anti-virus and anti-malware products.

Another practical step would be to invest in two separate computers for home use and work use.

“Dedicate your work computer to the business — and not to online shopping or playing games,” Case said. “Setting up boundaries between the business and personal life is good.”